From 4790b43f92125ffb70b185af12933ff77131c7d1 Mon Sep 17 00:00:00 2001 From: cccs-kevin Date: Thu, 19 Oct 2023 20:25:00 +0000 Subject: [PATCH] Updating the Assemblyline link --- README.md | 10 +++++----- 恶意软件分析大合集.md | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 1635e26..a68058f 100644 --- a/README.md +++ b/README.md @@ -222,7 +222,7 @@ View Chinese translation: [恶意软件分析大合集.md](恶意软件分析大 * [AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a variety of tools for reporting on Windows PE files. -* [Assemblyline](https://bitbucket.org/cse-assemblyline/assemblyline) - A scalable +* [Assemblyline](https://cybercentrecanada.github.io/assemblyline4_docs/) - A scalable distributed file analysis framework. * [BinaryAlert](https://github.com/airbnb/binaryalert) - An open source, serverless AWS pipeline that scans and alerts on uploaded files based on a set of @@ -387,7 +387,7 @@ executables. accounts. * [PhishStats](https://phishstats.info/) - Phishing Statistics with search for IP, domain and website title -* [Spyse](https://spyse.com/) - subdomains, whois, realted domains, DNS, hosts AS, SSL/TLS info, +* [Spyse](https://spyse.com/) - subdomains, whois, realted domains, DNS, hosts AS, SSL/TLS info, * [SecurityTrails](https://securitytrails.com/) - Historical and current WHOIS, historical and current DNS records, similar domains, certificate information and other domain and IP related API and tools. 
@@ -642,7 +642,7 @@ the [browser malware](#browser-malware) section.* plugin for Sublime 3 to aid with malware analyis. * [strace](https://sourceforge.net/projects/strace/) - Dynamic analysis for Linux executables. -* [StringSifter](https://github.com/fireeye/stringsifter) - A machine learning tool +* [StringSifter](https://github.com/fireeye/stringsifter) - A machine learning tool that automatically ranks strings based on their relevance for malware analysis. * [Triton](https://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework. * [Udis86](https://github.com/vmt/udis86) - Disassembler library and tool @@ -848,8 +848,8 @@ the [browser malware](#browser-malware) section.* Presentation introducing the concepts of malware analysis, threat intelligence and reverse engineering. Experience or prior knowledge is not required. Labs link in description. -* [Malware Persistence](https://github.com/Karneades/malware-persistence) - Collection - of various information focused on malware persistence: detection (techniques), +* [Malware Persistence](https://github.com/Karneades/malware-persistence) - Collection + of various information focused on malware persistence: detection (techniques), response, pitfalls and the log collection (tools). * [Malware Samples and Traffic](http://malware-traffic-analysis.net/) - This blog focuses on network traffic related to malware infections. diff --git a/恶意软件分析大合集.md b/恶意软件分析大合集.md index ca4a33b..8a7ece6 100644 --- a/恶意软件分析大合集.md +++ b/恶意软件分析大合集.md 
@@ -153,7 +153,7 @@ *反病毒和其他恶意软件识别工具* * [AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Windows PE 文件的分析器 -* [Assemblyline](https://bitbucket.org/cse-assemblyline/assemblyline) - 大规模分布式文件分析框架 +* [Assemblyline](https://cybercentrecanada.github.io/assemblyline4_docs/) - 大规模分布式文件分析框架 * [BinaryAlert](https://github.com/airbnb/binaryalert) - 开源、无服务 AWS 管道,用于对上传的文件使用 YARA 进行扫描和报警 * [capa](https://github.com/fireeye/capa) - 检测可执行文件的攻击能力 * [chkrootkit](http://www.chkrootkit.org/) - 本地 Linux rootkit 检测 @@ -342,7 +342,7 @@ * [Capstone](https://github.com/aquynh/capstone) - 二进制分析反汇编框架,支持多种架构和许多语言 * [codebro](https://github.com/hugsy/codebro) - 使用 clang 提供基础代码分析的 Web 端代码浏览器 * [Cutter](https://github.com/radareorg/cutter) - Radare2 的 GUI -* [DECAF (Dynamic Executable Code Analysis Framework)](https://github.com/sycurelab/DECAF) +* [DECAF (Dynamic Executable Code Analysis Framework)](https://github.com/sycurelab/DECAF) - 基于 QEMU 的二进制分析平台,DroidScope 是 DECAF 的扩展 * [dnSpy](https://github.com/0xd4d/dnSpy) - .NET 编辑器、编译器、调试器 * [dotPeek](https://www.jetbrains.com/decompiler/) - 免费 .NET 反编译与汇编浏览器
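Review bot: The new Assemblyline target in README.md (@@ -222) and 恶意软件分析大合集.md (@@ -153) is a documentation site with a major version in its path (`assemblyline4_docs`), while the neighbouring entries (AnalyzePE, BinaryAlert) link to source repositories. Confirm that the docs page is the intended landing page rather than the project's repository, and state in the commit message why the Bitbucket URL was replaced, so the reason for the change is on record.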
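Review bot: In the README.md hunk at @@ -387, the removed and added Spyse lines appear to differ only in whitespace, which is outside the scope of the subject "Updating the Assemblyline link". Either drop the line from this patch or, since it is being rewritten anyway, fix what is visibly wrong on it: "realted" should be "related", and the entry ends on a dangling comma after "SSL/TLS info,".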
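Review bot: The StringSifter (README.md @@ -642), Malware Persistence (README.md @@ -848) and DECAF (恶意软件分析大合集.md @@ -342) hunks appear to change whitespace only, so these four replaced lines are unrelated to the link update named in the subject. Move them to a separate cleanup commit, or mention the whitespace cleanup in the commit message, so the diff for the link change itself stays small and easy to audit.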